Know your basics – LinkedIn privacy and security settings

New and proficient users of LinkedIn alike tend to overlook the potential privacy and security issues related to the platform. I’ve written extensively in the past about potential risks of fake profiles and social engineering, but I’ve never dived into the actual security and privacy settings.

But recently I’ve helped a friend to set up and account for the first time and was forced to take a closer look into my accounts’ settings. I did not like what I’ve found. On one hand, LinkedIn has made it very easy to access and configure these settings. On the other, the default option of most of these is “On”, or lesser security. But as we online security and privacy are our own responsibilities, I’d rather focus on explaining how to manage these better (I’ll save my criticism for LinkedIn for a later day, they can do a lot more in terms of securing their users and mitigating fraud).

What do I need to do?

Define a solid, unique password

Start with the basics- define a robust password, and make sure it a unique one (see this article about the risk of password re-use.

 

linkedin-security-4
Password change (mine hasn’t been changed in 2 years, so it was time to update it)

 

And change it from time to time

LinkedIn now tells you how long it has been since you last changed your password. Mine’s been the same for a little over 2 years, which means it badly needs a change.

Activate 2 factor authentication

It is highly recommended that you activate this feature, which mandates to use 2 step when trying to set up an account on a new device or recreate a forgotten password.

 

linkedin-security-5
2 Factor Authentication

 

See how many devices and locations are signed in

We access LinkedIn from multiple devices and locations. We often forget and might be logged in on some forgotten PC or device we no longer use. Check it and kill all devices you don’t use on a regular basis.

linkedin-security-3

Check how many Email addresses are associated with your account

If you are like me, you’ve accessed your account from multiple positions and companies, including some you no longer work for. Given that email addresses are often stolen and sold you are leaving the door wide open here- so cancel the association of unused email addresses with your account.

linkedin-security-6

Check which applications are associated with your account and limit data sharing with 3rd parties

Almost any application (web or mobile) asks our permission to connect to our account and is granted access to our entire data. We grant permission and forget about it, but the 3rd party can continue to access our data long after we’ve stopped using it.

linkedin-security-3rd-party-apps

Remove applications you no longer use and block sharing of information with 3rd Party apps you did not specifically signed to.

linkedin-security-settings1

Decide which parts of your profile are showed as part of your public profile

LinkedIn profiled are searchable both from within LinkedIn and through Google, so you can decide which parts of your profile are shown to the world.

linkedin-security-public-profile

Download a copy of all your activity

Thanks to data privacy laws, LinkedIn must provide you (up to 24 hours) a copy of all your data that reside within the system. Or you can simply download your contacts. You decide.

linkdein-data-archive

Bonus Tip- Translate your profile

This is a nice little feature LinkedIn now offers- you can create multiple profiles in different languages (you do need to translate it yourself, though).

linkedin-profile-translate

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s